The present invention relates generally to providing secure transactions between a local transaction device and a remote communication device and, more particularly, to a transponder fuel dispensing system for providing secure authorizations and transactions using the transponder in a fuel delivery, retail sales and service environment.
In recent years, traditional gasoline pumps at service stations have evolved into elaborate point-of-sale (POS) devices having sophisticated control electronics and user interfaces with large displays and touch pads (or screens). These dispensers include various types of payment means, such as card readers, to expedite and further enhance fueling transactions. A customer is not limited to the purchase of fuel at the dispenser. More recent dispensers allow the customer to purchase services, such as car washes, and goods such as fast food or convenience store products at the dispenser. Once purchased, the customer need only pick up the goods and services at the station store.
Given the ever increasing demand to increase transaction efficiency by both fuel suppliers and customers, transaction systems associated with the service stations are further evolving to provide fully automated authorization and purchasing. It would be advantageous if customers no longer needed to use a credit/debit card or smartcard to purchase fuel or other products or services. This can be accomplished if the customer, vehicle or both are equipped with a remote intelligent communications device, or transponder (hereinafter referred to as a tag for simplicity), capable of remotely communicating with fuel dispensers and other devices as desired. These tags and dispensers operate in conjunction to provide a cashless and cardless transaction system where transactions are automatically charged or debited without requiring any action by the customer.
Numerous patents have issued and foreign applications published relating to technology associated with communicating information between a tag or like transponder and the fuel dispenser. These patents disclose communicating between the tag and fuel dispenser with fiber optics, electromagnetic radiation, such as radio frequency transmissions, infrared, direct electrical connections and various others means or combination of these means. Various types of information is communicated between the tag and the dispenser including vehicle identification, customer identification, account information, fuel requirements, diagnostics, advertising, and various other types of solicited and unsolicited messages. Certain specific applications equip the tag and dispenser with cryptography electronics to encrypt and decrypt data transferred between the tag and dispenser.
Tag transponder technology is used in many areas of technology relating to vehicles. Such technology is used in tracking vehicles, navigational aids, toll collection, diagnostics, vehicle security and theft deterrence, keyless entry, refueling, collision avoidance, vehicle identification, surveillance and traffic control as well as transmitting and receiving financial data.
Using tag technology in association with the fuel dispensing environment is currently in its embryonic stage. Although further advances occur at a continually increasing rate, a concern of utmost importance has not been addressed. Given the ingenuity and resourcefulness of information thieves, financial and account information is susceptible to theft if transmitted from the tag to the dispenser and onto a host network system, which generally provides authorization and account adjustment functions for the transaction. Even with today's most sophisticated coding and encryption techniques, information thieves, given enough time and opportunity, are able to decrypt the encrypted data and obtain various financial and account information.
Further dangers arise when each fuel dispenser either includes, or relays this account information to the host network. Theft and fraud opportunities arise from not only the information thieves stealing information from the airwaves in the local transaction environment, but from those having access to confidential information stored in the tag, dispenser and fuel station store. A stolen tag provides a thief an indefinite amount of time to figure out the internal workings and information within the tag.
Additionally, since most of these tags will necessarily and ultimately communicate with a central network host through the fuel dispenser POS, access to various different accounts and different financial information is available for purchasing any number of products using a number of accounts. In addition to providing high levels of security for tag authorization, account access, and data transfer, less sophisticated security techniques providing lower levels of security are needed to facilitate certain tag functions that either do not require a high degree of security or require the tag to access and communicate with a fuel dispenser or other source, such as a restaurant or other goods or services provider that does not have high level security capability. For example, service stations or restaurants may want to access various types of non-confidential information on the tag to determine identification or other information relating to their particular business. Based on this information, the businesses may want to provide loyalty points for a tag holder relating to the number of visits or amount of goods or services purchased. Although providing loyalty points does not require the intense security necessary to secure financial account information, these local businesses still need to ensure to a sufficient degree that unscrupulous customers cannot adjust their loyalty points at will.
Another reason for providing different levels or types of security for different transactions is to reduce the number of times information thieves have access to a given security technique. Security is enhanced if the manner of encryption or the key used for encryption varies periodically and if the key used for encryption and decryption is never transmitted. Thus, there is a need for a secure transaction system capable of providing virtually impenetrable transactions between a tag and a fuel dispenser associated with a host authorization network. There is also a need for this system and tag to enable other sources to access the tag at lower levels of security without jeopardizing account or financial information in addition to providing general access to non-confidential information. The system should avoid transmitting cryptography keys and should periodically change keys during transactions to minimize any chance a thief may have in deciphering the key.